Six Things to Consider Before CCPA Goes Into Force

Netwrix reveals a checklist of what organizations should do now to achieve CCPA compliance by January 1, 2020.

News provided by

Netwrix Corporation

Jan 24, 2019, 09:00 ET

IRVINE, Calif., Jan. 24, 2019 /PRNewswire/ -- Netwrix, provider of a visibility platform for data security and risk mitigation in hybrid environments, highlights six things organizations should start doing today to achieve compliance with the California Consumer Privacy Act (CCPA) before it goes into effect on January 1, 2020.

The CCPA reflects the increased attention data privacy is getting in light of the GDPR, Facebook's Cambridge Analytica scandal and the overall upsurge in personal data breaches. It requires businesses to ensure the security and privacy of all personal information they hold about California residents and households.

Together with Osterman Research, Netwrix established the following list of things that organizations should do today so CCPA does not take them by surprise:

  1. Determine whether you have to comply. The CCPA's scope is broader than one may think. Even if an organization is located outside of California, it has to comply with CCPA if it handles the personal data of California residents. Organizations are advised to check the standard's criteria for entities that have to comply.
  2. Learn what data you have. Although the CCPA does not become effective until January 1, 2020, as of that date, consumers will be able to request information about the personal data companies have collected for the preceding 12 months. That means that, organizations need to have categorized the data they store and ensure they have a complete view of information protected by CCPA — ideally, by January 1, 2019, but in no circumstances later than January 1, 2020. Therefore, businesses should consider adopting a data classification solution to find out what kind of data they store that is protected by CCPA, where it is located, how it is handled and who has access to it.
  3. Refine your data management processes. All organizations subject to the CCPA must establish strong data management processes, including keeping clear provenance on where personal data has come from and who it is about, and proactively deleting data that is no longer required for future processing.
  4. Get ready to respond to data access requests. Organizations need streamlined processes in place to address consumers' data access and deletion requests. Specifically, they need to be able to identify where an individual's personal data is being used, why it is being stored or processed, and its provenance. Trying to manually satisfy data access requests from thousands of data subjects will be costly and time consuming.
  5. Invest in security from threats.  Organizations should apply appropriate mitigations to regulated data. This can be achieved by deploying data-centric audit and protection (DCAP) technologies, user behavior analytics (UBA), security information and event management (SIEM) solutions, next-generation firewalls, and the like.
  6. Establish a data breach notification policy. Businesses must have mechanisms to identify a data breach, notification and escalation pathways, and documented processes for providing notice within the timeframes required.

"The time to achieve compliance with the CCPA by January 2020 is running out fast, so organizations must gain full visibility into all information they have, discover which regulated data they store, and ensure that they are able to protect it against compromise," said Steve Dickson, CEO of Netwrix.

To learn more about how to achieve CCPA compliance, read the white paper by Osterman Research: www.netwrix.com/go/osterman_research 

About Netwrix

Netwrix Corporation is a software company focused exclusively on providing IT security and operations teams with pervasive visibility into user behavior, system configurations and data sensitivity across hybrid IT infrastructures to protect data regardless of its location. Over 10,000 organizations worldwide rely on Netwrix to detect and proactively mitigate data security threats, pass compliance audits with less effort and expense, and increase the productivity of their IT teams.

Founded in 2006, Netwrix has earned more than 140 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S.

For more information, visit www.netwrix.com.

CONTACT:

Erin Jones
Avista PR for Netwrix
P: 704.664.2170
E: [email protected]

SOURCE Netwrix Corporation

Related Links

http://www.netwrix.com

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

icon3
440k+
Newsrooms &
Influencers
icon1
9k+
Digital Media
Outlets
icon2
270k+
Journalists
Opted In
GET STARTED

Also from this source

Netwrix Has Expanded Its Global Partnership Network by 36% Over the Past Two Years

Netwrix Has Expanded Its Global Partnership Network by 36% Over the Past Two Years

Netwrix, a vendor that delivers effective and accessible cybersecurity to any organization, has increased its global channel partnership network by...
The Manufacturing Sector Experiences More Attacks in the Cloud than Any Other Industry

The Manufacturing Sector Experiences More Attacks in the Cloud than Any Other Industry

Netwrix, a cybersecurity vendor that makes data security easy, today revealed additional findings for the manufacturing sector from its survey of...
More Releases From This Source

Explore

Computer & Electronics

Computer & Electronics

High Tech Security

High Tech Security

Multimedia & Internet

Multimedia & Internet

Computer Software

Computer Software

News Releases in Similar Topics